Mike Qaissaunee, a Professor of Engineering and Technology at Brookdale Community College in Lincroft, New Jersey, shares his experiences and perspectives on integrating new technologies in and approaches to teaching and learning.

Saturday, March 31, 2012

The Linux Foundation has announced the joining of Microsoft as its latest member. Microsoft has also proposed to donate the source code of Windows 8 to the Linux Foundation. The company is also working with the Linux community to merge the Windows 8 kernel with the Linux mainline tree.

Friday, March 30, 2012

While the web (and traditional e-books) do lack "spatial navigability", enhanced e-books delivered on touchscreen devices are clearly different. Not only do they require a user to touch the screen to navigate the book, but interactive elements (3D objects, video, audio, assessments, animations, simulations, etc.) provide opportunities to build additional connections with the content – and hopefully to improve student success.

Neuroscientist Mark Changizi explains how e-books, like much of the web, lack spatial navigability, which can be key to remembering information:

We don't navigate the web so much as beam hither and thither within it. Can't find your way to the ticket site? No matter, you can Google-beam directly there by typing in the name. And not only is the web not spatial or navigable, but the new reading experiences within documents have lost their spatial sense as well. ... Need to jump to that part of the book where they discussed cliff jumping? You will get no help from the local topography, but you can beam yourself directly there via a within-document text search.

[Jakob Nielsen, a web "usability" expert,] says that studies show that smaller screens also make material less memorable. "The bigger the screen, the more people can remember and the smaller, the less they can remember," he says. "The most dramatic example is reading from mobile phones. [You] lose almost all context."

Chinese vendor ZTE has conducted a field demonstration of optical networking equipment capable of transporting data at 1.7Tbps, the company said on Thursday.

WDM (Wavelength Division Multiplexing), which is mainly used by operators in their core networks, sends large amounts of data using a number of different wavelengths or channels over a single optical fiber.

The distance during ZTE's demonstration was 1,750 kilometers (1,087 miles), and the company used a standard single mode fiber optic cable, it said.

ZTE didn't detail when it expects to see products that can handle 200Gbps per channel. The goal with the demo was to show that an "upgrade from a 100Gbps transmission system to a 200Gbps system is possible," the company said.

Lithuanian designer Gogelmogel specializes in a mix of simple ideas with a side of humor. One such example is the latest project, the Blah Blah Blah book. The book is pretty much exactly what it seems – a book filled with blah, blah, and more blahs.

That’s right, an entire book of the nonsensical word “blah”. Does the work have a deeper meaning or is it just a humorous project? That’s for you to decide.

Monday, March 26, 2012

I was supposed to testify today about the TSA in front of the House Committee on Oversight and Government Reform. I was informally invited a couple of weeks ago, and formally invited last Tuesday

...

On Friday, at the request of the TSA, I was removed from the witness list. The excuse was that I am involved in a lawsuit against the TSA, trying to get them to suspend their full-body scanner program. But it's pretty clear that the TSA is afraid of public testimony on the topic, and especially of being challenged in front of Congress. They want to control the story, and it's easier for them to do that if I'm not sitting next to them pointing out all the holes in their position.

Working just around the corner from where (Holmdel, NJ) much of this innovation happened, I'm interested in reading how such a successful culture of innovation was created and ultimately how it fell apart.

Bell Labs was behind many of the innovations that have come to define modern life, including the transistor (the building block of all digital products), the laser, the silicon solar cell and the computer operating system called Unix (which would serve as the basis for a host of other computer languages). Bell Labs developed the first communications satellites, the first cellular telephone systems and the first fiber-optic cable systems.

The Bell Labs scientist Claude Elwood Shannon effectively founded the field of information theory, which would revolutionize thinking about communications; other Bell Labs researchers helped push the boundaries of physics, chemistry and mathematics, while defining new industrial processes like quality control.

In “The Idea Factory,” Mr. Gertner — an editor at Fast Company magazine and a writer for The New York Times Magazine — not only gives us spirited portraits of the scientists behind Bell Labs’ phenomenal success, but he also looks at the reasons that research organization became such a fount of innovation, laying the groundwork for the networked world we now live in.

...

The very success of Bell Labs, he notes, contained the seeds of its destruction. Not only was it producing too many ideas for a single company to handle, but some of its innovations (like the transistor) also altered the technological landscape so much that its core business would be reduced to a mere part of the ever-expanding field of information and electronic technology — a field increasingly dominated by new rivals, with which a post-monopoly AT&T had difficulty competing.

Google is using toilet water to cool its data center in western Georgia.

In 2007, when Google first opened its massive computing center in Douglas County, Georgia, it cooled the facility's equipment using the same water that's pumped into the pipes of local homes. But at some point, the search giant realized that the water used by its evaporative cooling system needn't be clean enough to drink.

On Thursday, Google revealed that it's now working with the Douglasville-Douglas County Water and Sewer Authority to cool the facility with 100 percent recycled water. "When the residents of the county take showers and flush their toilets, they're helping to cool our data center," Joe Kava, the man who runs Google's data center operations and construction team, tells Wired.

The company may save some money in the long term with its recycled water. But according to Kava, that's not the primary aim. In partnering with the Sewer Authority, Google is no longer putting the same strain on the area's natural water supply—and it's making sure it can ride out a drought. "The finances make sense, but over a much longer period of time. It was really about being environmentally responsible and securing our supply if there was rationing of potable water," Kava says. "You don't want to contribute to any fresh water shortage."

Saturday, March 24, 2012

Definitely! Alex Knight getting some great LTE speeds on Rogers network. 32 Is The New 16. It's too bad the caps are so low – the speeds are enough to replace a home broadband connection.

On Sunday, I quickly started to realize that I would probably need the 32GB model. I decided to return my iPad to the Apple store this week and exchange it. I made a last minute decision while waiting in line to swap it for a 32GB LTE model. I can’t tell you how much I’m loving the LTE speeds. It truly is useful to be able to have Internet access anywhere I am. Although 90% of the time I’ll be on Wi-Fi, that 10% when I’m not gets annoying when I actually need Internet access.

Speaking of LTE speeds, I’ve been testing my carrier’s network here in Vancouver — which happens to be Rogers — and I’ve been getting blistering LTE speeds. The fastest I’ve tested so far is 38Mbps downstream and 29Mbps upstream.

the Apogee MiC is the latest foray into mobile recording. Much like its guitar specific counterpart, the MiC is both iDevice and Mac compatible and its compact stature won't take up precious real estate in your travel pack. But, as you may expect, staying mobile comes at a premium. So, is the $249 price tag a deal breaker for the MiC? Is it a small price to pay for adding a solid microphone to your mobile recording setup?

Sweden was the first European country to introduce bank notes in 1661. Now it's come farther than most on the path toward getting rid of them.

"I can't see why we should be printing bank notes at all anymore," says Bjoern Ulvaeus, former member of 1970's pop group ABBA, and a vocal proponent for a world without cash.

The contours of such a society are starting to take shape in this high-tech nation, frustrating those who prefer coins and bills over digital money.

In most Swedish cities, public buses don't accept cash; tickets are prepaid or purchased with a cell phone text message. A small but growing number of businesses only take cards, and some bank offices – which make money on electronic transactions – have stopped handling cash altogether.

"There are towns where it isn't at all possible anymore to enter a bank and use cash," complains Curt Persson, chairman of Sweden's National Pensioners' Organization.

He says that's a problem for elderly people in rural areas who don't have credit cards or don't know how to use them to withdraw cash.

The decline of cash is noticeable even in houses of worship, like the Carl Gustaf Church in Karlshamn, southern Sweden, where Vicar Johan Tyrberg recently installed a card reader to make it easier for worshippers to make offerings.

The Pentagon’s looking to send way more satellites beyond the skies. To do it, though, it’s starting on the highway — by using race car parts to make spacecraft construction quicker and cheaper than it is today.

In a new announcement, Darpa’s asking myriad organizations — including the medical community and the NASCAR set — to help them come up with cheap, disposable satellites that can provide on-demand overhead imagery for soldiers in remote locales.

...

Its new program, called SeeMe (short for “Space Enabled Effects of Military Engagement”), would culminate with “a constellation” of two dozen satellites, moving in a low orbit and transmitting imagery to soldiers in the field. To do it, though, the agency’s going to have to cut costs — which is why it’s turning to commercial industries, like car racing, which are quicker than the Pentagon to innovate.

...

Darpa wants each satellite to cost less than $500,000, compared to the tens (if not hundreds) of millions it costs now. Plus, it expects to replace the spacecraft with remarkable frequency: Each one would be designed to spend less than three months in orbit. After that, the satellites would de-orbit and burn up in the atmosphere. Among Darpa’s cost-cutting measures for cheap, disposable satellites: nitrous oxide propulsion gear from the racing industry and medical valves initially developed for hospital oxygen tanks.

Thursday, March 22, 2012

In an excellent article in Wired, James Bamford talks about the NSA's codebreaking capability.

According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: "Everybody's a target; everybody with communication is a target."

Bamford has been writing about the NSA for decades, and people tell him all sorts of confidential things. Reading the above, the obvious question to ask is: can the NSA break AES?

My guess is that they can't. That is, they don't have a cryptanalytic attack against the AES algorithm that allows them to recover a key from known or chosen ciphertext with a reasonable time and memory complexity. I believe that what the "top official" was referring to is attacks that focus on the implementation and bypass the encryption algorithm: side-channel attacks, attacks against the key generation systems (either exploiting bad random number generators or sloppy password creation habits), attacks that target the endpoints of the communication system and not the wire, attacks that exploit key leakage, attacks against buggy implementations of the algorithm, and so on. These attacks are likely to be much more effective against computer encryption.

Based on its current form, Windows 8 represents an unconscionable, and barely comprehensible, rejection of the values Microsoft has spent the last 26 years perfecting in its visual operating system. It doesn’t make computers easier to navigate and understand, it makes them more difficult, paradoxically by making the interface so brain-dead simple that it can’t do anything someone with a brain might actually want. Want to close an application without using Alt-F4? Forget it. Want the menus and settings intelligently organized? No chance. Want to just display two windows on the screen at the same time? Good luck with that.

Mozilla was out showing off their web-based phone at the Mobile World Congress last month, and IDG News Service posted this video of Jonathan Nightengale, Senior Director for Firefox Engineering, demonstrating the phone in action.

The device runs Mozilla's Boot2Gecko (B2G) operating system, which runs all of the phone's applications on the web, and is demoed on the Samsung Galaxy S2. As Jonathan points out, B2G uses APIs for all of the smart phone functions that typically require a native application, such as: phone dialer, camera, text messaging, and geolocation.

Wednesday, March 21, 2012

Moody’s has just finished its update of US non-financial corporate cash piles through the end of last year, and truthfully we were surprised by the extent to which Apple is behind the bigger trend from the last couple of years (emphasis ours):

Apple alone represents $64 billion or 36% of the total $179 billion increase in corporate cash since 2009. And in 2011, overall corporate cash would have actually declined by $6 billion had it not been for Apple’s $46 billion increase. Unless Apple changes its philosophy towards liquidity by instituting a one-time or ongoing common dividend, or if Apple starts to buy back stock, we estimate Apple’s cash balances could increase by more than $50 billion in 2012 and approximate $150 billion.

Supported by our expectations that consumers worldwide will continue to feast on Apple products, we expect overall corporate cash and its concentration will increase in 2012. Apple alone could represent 12% of total corporate cash, about three times more than the next cash king. …

Subject to declaration by the Board of Directors, the Company plans to initiate a quarterly dividend of $2.65 per share sometime in the fourth quarter of its fiscal 2012, which begins on July 1, 2012.

Additionally, the Company’s Board of Directors has authorized a $10 billion share repurchase program commencing in the Company’s fiscal 2013, which begins on September 30, 2012. The repurchase program is expected to be executed over three years, with the primary objective of neutralizing the impact of dilution from future employee equity grants and employee stock purchase programs.

Angry Birds was Rovio’s 52nd game. They spent eight years and almost went bankrupt before finally creating their massive hit. Pinterest is one of the fastest growing websites in history, but struggled for a long time. Pinterest’s CEO recently said that they had “catastrophically small numbers” in their first year after launch, and that if he had listened to popular startup advice he probably would have quit.

You tend to hear about startups when they are successful but not when they are struggling. This creates a systematically distorted perception that companies succeed overnight. Almost always, when you learn the backstory, you find that behind every “overnight success” is a story of entrepreneurs toiling away for years, with very few people except themselves and perhaps a few friends, users, and investors supporting them.

Seagate has demonstrated hard drive technology that squeezes a trillion bits into a single square inch, claiming it’s the first hard drive manufacturer to do so.

Over the next 10 years, the company says, this will lead to standard 3.5-inch drives that can store 60 terabytes of information. Today’s 3.5-inch drives give you three terabytes of storage, stuffing about 620 billion bits into each square inch.

Monday, March 19, 2012

STRUGGLING to make your smartphone battery last the whole day? Paying for your apps might help. Up to 75 per cent of the energy used by free versions of Android apps is spent serving up ads or tracking and uploading user data: running just one app could drain your battery in around 90 minutes.

Abhinav Pathak, a computer scientist at Purdue University, Indiana, and colleagues made the discovery after developing software to analyse apps' energy usage. When they looked at popular apps such as Angry Birds, Free Chess and NYTimes they found that only 10 to 30 per cent of the energy was spent powering the app's core function.

For example, in Angry Birds only 20 per cent is used to display and run the game, while 45 per cent is spent finding and uploading the user's location with GPS then downloading location-appropriate ads over a 3G connection. The 3G connection stays open for around 10 seconds, even if data transmission is complete, and this "tail energy" consumes another 28 per cent of the app's energy. Pathak blames the energy leakage on inefficiencies in the third-party code that developers use to generate profit on free apps.

Google's Chrome browser on Friday fell to a zero-day attack that pierced its vaunted security sandbox, the third such attack in as many days at a contest designed to test its resistance to real-world threats.

A teenage hacker who identified himself only as PinkiePie said he spent the past week and a half working on the attack. It combined three previously unknown vulnerabilities to gain full system access to a Dell Inspiron laptop that ran a fully patched version of Chrome on top of the most up-to-date version of Windows 7. He spent the past three days holed up in hotel rooms and conference areas refining the attack so it would break out of the sandbox, which was designed to prevent code-execution attacks like his, even when security bugs are identified.

...

PinkiePie said all three of the vulnerabilities resided in code that's native to Chrome. That meant it qualified for a $60,000 prize, the top reward for the Pwnium contest Google sponsored at the CanSecWest conference in Vancouver. Members of the Chrome security team started analyzing the exploit and vulnerability details within minutes of the hack. Less than 24 hours later, Google put a fix into its distribution pipeline.

...

Google is offering prizes of $60,000, $40,000 and $20,000 under the competition in an attempt to learn new strategies for fortifying Chrome against attacks that expose sensitive user data or take control of user machines. PinkiePie is only the second contestant to enter the contest. Both have demonstrated attacks that allowed them to take control of Chrome users' machines when they do nothing more than browse to an attack site.

The five vulnerabilities exposed during the third and final day of the contest are minuscule compared to the overall number of bugs Chrome's security team fixes each year. A member of the team said the value of Pwnium isn't in the number of bugs that come to light, but rather in the insights that come from watching how a reliable exploit is able to slip through carefully crafted defenses.

Trust me on this one. There are few people who have given trust and reputation more thought than security expert Bruce Schneier. His latest book, Liars And Outliers, asks the question of how society functions when we can’t trust each other. And Schneier has spent a lifetime thinking through the relationship between trust and reputation in our new information economy.

The Internet both changes everything and nothing about trust, Schneier explained to me when he came into our San Francisco studio. On the one hand, the security guru told me, it allows us to scale trust; but, on the other, he went on, digital technology allows those who abuse trust to do more damage. The Internet is also doing a bad job replicating society, he asserted, with contemporary social networks like Facebook and Twitter being worse environments for building trust between people than 90's-style chat rooms and email.

Not so surprising, but I'm not so sure it's a re-wiring of the brain. Like any skill, if you don't practice face-to-face interaction your abilities will not improve and any existing skills you have will likely atrophy. I, myself, long for a future with no human interaction, but it would probably be tough to continue my teaching career;)

If you're a digital native, you should be aware that the internet may have partially rewired your brain in such a way that when you meet people face to face, you're less capable of figuring out what they're thinking.

No, I'm not joking. There's a significant amount of scientific literature on this. Compared with people who didn't grow up using computers and the internet, you may be slower to pick up on nonverbal cues such as facial expressions, tones of voice, and body language.

Securing your Windows desktops is not that easy, when you consider the complete list of security settings that you need to solve. In this article we are discussing two of the areas that you will need to solve: Anti-virus and privilege management. AV solutions are typically the first line of defense for an organization to protect their endpoints. AV solutions are common, trusted, and vital to protect a portion of your endpoint security issues. However, AV solutions are only as good as the latest signature file that is associated with them. AV solutions can’t find and stop new viruses, as the signatures for these malicious applications are not known. Privilege management is a vital part of your endpoint security. As one of the most effective of all the endpoint security solutions, privilege management improves the overall security of your endpoint more than the other solutions being discussed. The reason is that standard users can’t cause the damage and harm that a privileged user can. Installations, malicious applications, errant configurations, etc. just don’t occur when privilege management is controlled.

Friday, March 16, 2012

Mike Swanson, creator of the app Halftone has an answer … Halftone and the iPad Retina Display. Take a look at his blog post to see some screenshots comparing Retina versus non-retina displays.

The difference in quality is truly stunning.

For those who are curious, it didn’t take a lot of extra work to add full iPad Retina support to Halftone. Being a Universal app that also runs on iPhone and iPod touch, Halftone has long supported Retina resolution on the iPhone 4/4S. This meant that most of the icons and imagery in Halftone was already at Retina resolution.

Also, Halftone relies heavily on vector graphics for its borders, speech balloons, and stamps. As a result, it required no additional work for these elements to take full advantage of the new display. Another side-effect is that the additional memory in the new iPad also means that larger images can be processed and exported at full quality.

Finally, there’s legitimate concern that Retina-enabled iPad apps will result in much larger app sizes (and therefore require more bandwidth to download and store them on the device). In Halftone’s case, though, the increase is only around 1.5MB, and it’s due to the default screenshots that display when the app launches in portrait or landscape orientation. Otherwise, the vector imagery requires no additional space at all. Aren’t vectors great!?

The third-generation Apple iPad is here, and we've tested it next to our best Android tablets--the Asus Transformer Prime TF201 and the Samsung Galaxy Tab 10.1. While our tests of battery life and recharge times are still pending, a clear picture of this latest iPad is emerging. Put simply: The new iPad streaks to the head of the pack, largely on the strength of improvements to its display. But this doesn't mean that everyone else should abandon the race; it just means that they're going to have to work harder to overcome the iPad's lead.

The recent IDC study this story references has made the rounds this week. Among the link-bait headlines have been:

"Android tablets will overtake iPad by 2015";

"The company [Apple] had 54.7 percent of the worldwide tablet market in Q4, down from 61.5 percent in Q3"

"Android’s share is rising, largely at the expense of the iPad"

What's not clear from the IDC study – and the numerous sites that have referenced it – is that the study, and therefore the stellar, re-reporting of the study are conflating Android units shipped and iOS units sold. My own experience has been 1 Android tablet sighted for every 10 iPads – this might even be a generous assessment. How many Android tablets have you seen in the wild?

In the fourth quarter, Apple sold 15.4 million iPads, more than double the 7.3 million sold a year earlier. Among all manufacturers, IDC says 28.2 million tablet computers were shipped in the final three months of 2011, about 2.5 times the number a year earlier.

The 68.7 million tablets shipped in 2011 represents a 9 percent increase from IDC's forecast of 63.3 million and is about 3.5 times the 19.4 million shipped in 2010.

As South by Southwest Interactive is ending and the music festival begins, there’s a new app offering fans a chance to explore Austin’s musical history.

The app is called ACL Archive, and it comes from Austin City Limits, the public television show that first started in 1976 to showcase live performances. I was actually a fan of the show when I was a teenager — or, as I told general manager Tom Gimbel, back when I had a television. Gimbel says that’s exactly why this is an important effort for ACL, as the program tries to adapt to changing viewing habits.

ACL already has a strong online presence at both the PBS website and at the recently redesigned ACLTV.com. However, those sites mostly showcase recent concerts, while the iPad app, as the name implies, digs deeper into the program’s past.

Thursday, March 15, 2012

Acorn – a UK-based contemporary of Apple, Tandy and Sinclair. So in the four videos, we've gone from valves, to transistors, to integrated circuits and now to VLSI (very large scale integration) – thousands of transistors on a single chip.

In case you hadn’t heard, Microsoft is launching a new version of Windows this year. Windows 8 is a radical departure from previous versions of the software since it’s designed to work with both traditional PCs and tablets. Microsoft thinks it’s done a good job of accommodating both experiences, but at least one former employee disagrees. Strongly.

Former Microsoft program manager Mike Bibik, who now works for Amazon as a senior user-experience designer, set up an entire website to highlight what’s wrong with Windows 8 and how to fix it. “Fixing Windows 8” says Windows 8 is less than optimal for a mouse-and-keyboard setup. While he thinks that the touchscreen experience is “great,” he says Microsoft’s repeated assertion (seen most recently in a post about how Internet Explorer will work in the new environment) that the interface is every bit as fast and fluid on a traditional non-touchscreen PC is “not entirely true.”

…

In his initial “rant” about how Windows 8 works with mouse-and-keyboard setups, Bibik makes many points. Among them:

No tutorial: When you first launch Windows 8, it just dumps you on the Start screen. This will likely be addressed in the consumer release, however.

It’s difficult to see all your Metro apps: While the Start screen shows some of the apps in Metro, seeing all of them requires a right-click and navigating to an icon that says “All Apps.” Bibik says this is hard to find, and we have to agree.

A Microsoft account is required for some apps: A few apps, like Store, require a Microsoft account (Hotmail or Live will do) to work properly, which can take new users down a cumbersome registration process.

Scrolling is counterintuitive: The scroll wheel on the mouse scrolls left-to-right in many Metro apps, since that is the primary way to navigate in Metro.

Metro apps don’t have window controls: There’s no way to minimize or maximize a Metro app — they either take up the whole screen or they’re in the background. It’s in this departure from traditional Windows that Bibik says he expects 75% of new users to just give up.

Right now, you may wind up sitting at a red light for 45 seconds even though no one is passing through the green light in the opposite direction. But you don’t have to do that in a world where traffic flows according to computer communication instead of the systems that have been built with human behavior in mind. ... Because of this, we won’t need traffic lights at all (or stop signs, for that matter). Traffic will constantly flow, and at a rate that would probably unnerve the average human driver.

Tuesday, March 13, 2012

46% of IT workers struggle to keep their skills up to date with new technology, according to CompTIA, a non-profit trade association advancing the global interests of information technology professionals.

The organisation's latest State of the IT Skills Gap research found that 43% of organisations cannot find the resources necessary to help IT departments train their staff. That reluctance to send cash IT's way may be because 39% of organisations don't see a performance boost when they do shell out for IT-specific training.

The resulting mess means that 80% of employers think they have a damaging skills gap, often impacting staff productivity (41% of respondents), customer service or customer engagement (32%), and security (31%).

Many are therefore turning to online training to close the gap. The research says online self-training has become the most popular method for educating IT professionals and that 57% of organisations are trying to close a skills gap with more training for IT workers.

What’s the most common password among the 32 million people whose accounts were hacked at RockYou late last year? According to a study by Imperva (download here), it’s “123456,” followed by “12345,” “123456789” and “Password,” in that order. “iloveyou” came in at no. 5.

Sigh.

Only 0.2% of users had what would be considered a strong password of eight or more characters that contains a mixture of special characters, numbers and both lower and upper case letters, says the study.

Last year, senior British military officers, Defense Ministry officials, and other government officials were tricked into becoming Facebook friends with someone masquerading as the current Commander of the U.S. European Command (USEUCOM), and NATO’s Supreme Allied Commander Europe, exposing personal information to unknown spies, ZDNet reports.

United States Navy Admiral James Stavridis – who was in charge of operations in Libya against Colonel Gaddafi’s– now has an official Facebook page, while the bogus one has been permanently deleted, but officials are worried about the photos, phone numbers and email addresses that were compromised, The Daily Mail reports.

Sunday, March 11, 2012

I've signed up for the free Stanford Cryptography course offered for free online through Coursera. This is one of a number of courses being offered through Coursera:

I teach networking and wireless courses where we introduce the concepts of encryption and cryptography, but not at this level and to this depth. I felt it would inform my lectures and enrich my own understanding to participate in ("take") this course. My Masters and PhD work both required a great deal of high-level math, but it's been nearly 20 years since I've done that sort of math on a day-to-day basis. Likewise my programming skills – I used to be quite the Fortran programmer – have no doubt atrophied. In addition to my interest in the content of this course, I'm very interested in the quality of the course and the quality of the online delivery. I hope to be able to learn some new things that I can bring to my online and web-enhanced courses.

Over the next 10 weeks, I'll be posting my experiences in this online course – I encourage you to register and follow along.

The course, taught by Dan Boneh, which begins tomorrow March 12th, consists of "Video Lectures" (along with the slides themselves), "Problem Sets" and a "Discussion Forum".

The course is split into two modules and scheduled to run for 10 weeks:

The Video Lectures, which are delivered in small bite-sized pieces, are available online and can be downloaded. The slides are available as PDF and PowerPoint, along with a text-based transcription of the video (great for ADA compliance!).

A great feature in the preferences is the ability to toggle the format of the videos – either Flash or HTML5.

The HTML5 version looks great on an iPad – even without a Retina display:

This week saw an interesting turn in the US government's battle against the Hacker Group Anonymous. Official court documents and details emerged that finally showed that #sabu was turned by the US government as an informant to arrest and dismantle members from the LulzSec splinter cell. (Bray, 2012) In the last two days, another dramatic turn of events highlighted the demise of the once thought invincible hacker group; a group the Director of the NSA said could be capable of hacking the power grid within a year or two. (Liebowitz, 2012)

A lone-wolf patriot hacker, known as Th3J35t3r, claims to have successfully targeted, exploited, and raided personal information from members of Anonymous, LulzSec, and Anti-Sec alongside Islamic Extremists and Al Qaeda, and Rhode Island State Representative Dan Gordon. If you are living in a cave and haven't heard about the Jester, read the SANS whitepaper. (OConnor, 2011) So how did the attack occur? And how can you protect yourself? Let's quickly answer these questions.

The Jester laid the groundwork for his attack over two weeks ago when he changed the ICON for his Twitter account @th3j35t3r.

EVERY so often someone asks me: “What’s your favorite country, other than your own?”

I’ve always had the same answer: Taiwan. “Taiwan? Why Taiwan?” people ask.

Very simple: Because Taiwan is a barren rock in a typhoon-laden sea with no natural resources to live off of — it even has to import sand and gravel from China for construction — yet it has the fourth-largest financial reserves in the world. Because rather than digging in the ground and mining whatever comes up, Taiwan has mined its 23 million people, their talent, energy and intelligence — men and women. I always tell my friends in Taiwan: “You’re the luckiest people in the world. How did you get so lucky? You have no oil, no iron ore, no forests, no diamonds, no gold, just a few small deposits of coal and natural gas — and because of that you developed the habits and culture of honing your people’s skills, which turns out to be the most valuable and only truly renewable resource in the world today. How did you get so lucky?”

Apple’s new _____ is a modest upgrade that has many who were hoping for more disappointed. Sure, the Apple fanbois will buy it, but Apple has failed to keep up with the state of the _____ market. For example, just the other day at the _____ conference, _____ unveiled a _____ with a _____-inch screen and _____ with _____ that come flying out of the sides and _____ with _____ and _____ the _____ by _____ing the _____ with _____s. And it has a stylus. While it doesn’t get good battery life, Apple will have to respond to this threat as _____ Analysts projects _____ will sell literally dozens of these devices.

Saturday, March 10, 2012

Diffie-Hellman key exchange was one of the earliest practical implementations of key exchange within the field of cryptography. It relies on the discrete logarithm problem. This test clip will be part of the final chapter of Gambling with Secrets!

It’s been three days since Tim Cook unveiled the new iPad, but you’re still stuck with your trusty old iPad 2. You’re keen to get rid of it so you can buy the new one, but you forgot to log in to one of those buy-back sites before Wednesday’s launch. Predictably, the announcement sent trade-in values plummeting—before the launch, some of these sites were offering close to $300 for your entry-level iPad 2 (the 16GB Wi-Fi model), provided it was in “good” condition. Now they’re willing to part with far less: As of Saturday morning, if you’ve got a well-cared-for iPad 2, NextWorth will give you $241 for it. BuyBackMac is offering $224. eBay’s Instant Sale will net you $200. And Gazelle, the most popular of the buy-back sites, will only part with $185.

Sure, if you’re hurting for cash to subsidize your early adopter lifestyle, $200 is nothing to scoff at. But if I were you, I’d skip by all of these sites and instead log in to Amazon. As of right now, its trade-in service is offering $288 for a 16GB Wi-Fi iPad 2 that has “normal wear,” and up to $320 for one in “like new” condition. Indeed, Amazon Trade-In’s lowest offer for an iPad 2 is $236, about what others are offering for “good” models. If your tablet isn’t water-damaged and is at least in working condition, you’ll get that baseline amount. (Correction: I originally, boneheadedly, quoted higher prices for the 3G model; I’ve changed all the prices and math in this piece to reflect the actual prices for the Wi-Fi model.)

What’s going on here? Considering that Apple is selling new iPad 2s for $399, how can Amazon afford to shell out up to $320 for your old one? What’s it doing with all the iPads it’s buying? Is Jeff Bezos running a charity?

Nope. There’s one catch to Amazon’s trade-in program, and it’s brilliant. While other sites will give you cash for your old goods, Amazon will only give you store credit. Thus, the “extra” money you get from Amazon compared to other trade-in services isn’t a total loss for Bezos. All that cash will be plowed back into Amazon’s own business. Depending on what you buy with your newfound wealth, the company may be making a nice profit on the deal.

The Duqu Trojan, referred to by some as Stuxnet 2.0, was partly written using an unknown programming language. The payload DLL, which communicates exclusively with the Command and Control (C&C) server so that the worm knows what to do once it has infected a system, has code that doesn’t resemble anything seen before. While security researchers have worked out what the mystery code does, they aren’t sure about the syntax.

Some parts of it, including those for downloading and executing additional modules, were written in standard C++, but a big chunk of it was not. This particular section contains no references to any standard or user-written C++ functions, and may have been created by a different programming team. Security firm Kaspersky says the unusual code is unique to Duqu: many parts are directly borrowed from Stuxnet, but this one is new. The company has named it the Duqu Framework, and has noted that it is not written in C++, Objective C, Java, Python, Ada, Lua, and many other languages it checked. Unlike the rest of Duqu, it also wasn’t compiled with Microsoft’s Visual C++ 2008. All we know is that it’s object-oriented.

After having performed countless hours of analysis, we are 100% confident that the Duqu Framework was not programmed with Visual C++. It is possible that its authors used an in-house framework to generate intermediary C code, or they used another completely different programming language.

We would like to make an appeal to the programming community and ask anyone who recognizes the framework, toolkit or the programming language that can generate similar code constructions, to contact us or drop us a comment in this blogpost. We are confident that with your help we can solve this deep mystery in the Duqu story.

and some of the comments:

As400tech

That code looks familiar. The code you're referring to .. the unknown c++ looks like the older IBM compilers found in OS400 SYS38 and the oldest sys36.

The C++ code was used to write the tcp/ip stack for the operating system and all of the communications. The protocols used were the following x.21(async) all modes, Sync SDLC, x.25 Vbiss5 10 15 and 25. CICS. RSR232. This was a very small and powerful communications framework. The IBM system 36 had only 300MB hard drive and one megabyte of memory, the operating system came on diskettes.

SCooke

It's easier to figure this out if you consider vendor sourcing. The work was probably done by a government. And, whether the software was sourced through a US agency or whether a US agency itself was the creator, the net result is the same: you're looking for a major GSA-contracted firm who A) has clearance, B) has a compiler team, C) has a track record of providing similar product to the US government, and D) has a compiler codebase that looks kind of unfamiliar and not mainstream.

The likely suspects fitting that set of criteria are IBM, Microsoft, SAS and SAIC. All the others (remnant AT&T, HP, remnant SGI... who am I forgetting?) incorporate a considerable amount of fairly recognizable shared compiler code in their offerings. Since you've disqualified Microsoft, my bet is on IBM.

I don't think it's SAS, because their compiler codebase is ancient. I don't think it's SAIC, because for them this would be a fairly difficult project. Three reasons why I think IBM.

First is that IBM has a library of bizarro options to select from. There's an internal HLASM-to-C frontend. There's all the CSet descendants. They've got research versions of damn near everything. (I'd try getting ahold of the ia32 version of CSet - probably hard to come by, but out there). They've also got a Windows source license, and if you were going to write a virus, that's always handy.

Second is that IBM has a history of doing projects like this. If there was a federal bid, they almost certainly would have been a bidder.

Third is that the project could have been run out of IBM Haifa. A number of the old IBM AV team probably either were there or ended up there, so it wouldn't be too far out of their wheelhouse. And if you wanted to build a state-sponsored virus, you'd almost certainly want to build it in a country who already has near-active hostilities with the intended target for the virus such that those acts of aggression don't become de facto acts of war for you.

Yishan Wong provides some advice for websites … Encrypting Your Plaintext Passwords. Although the post is old – end of 2009 – the advice is still relevant. I wonder how many sites still store plaintext passwords.

If you have been following technology news, you may have heard that the popular social application site RockYou was recently hacked, with all user passwords stored in plaintext stolen (over 32 million accounts). This is a terrible security lapse, not just because it compromises every RockYou account, but because many users use the same password across multiple sites, so a file containing emails and plaintext passwords means that the attacker can compromise a great many of these accounts for all those people across the web. Repeat: the popularity of RockYou means that anyone with a RockYou account is likely to have their other accounts on other sites compromised.

Like many people conscious of web security, my initial reaction to the incident was to shake my head and tsk-tsk at RockYou's foolishness at storing their passwords in plaintext, and then I realized that the real problem wasn't that plenty of sites do this, but rather that, yes, plenty of sites out there have done this, but even with this report, they likely have no idea how to fix that problem. Think about it: if you weren't sophisticated enough to encrypt your passwords in the first place, you likely aren't up to the task of migrating your plaintext passwords into an encrypted format, which is a tricky migration involving lots of moving parts and little details.

…

This blog post is therefore a step-by-step description of how to migrate your site from using plaintext passwords to encrypted passwords. If you run a small (or large) but growing website, you probably want to fix this immediately. If you do not understand all the steps, find a technical friend (or a reliable contractor) who does, and ask them to implement it for you. I am also available for consulting gigs at a very high hourly rate.
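The kind of migration the excerpt describes, as an added example (not code from Yishan Wong's post or from RockYou): each plaintext row is replaced with a salted PBKDF2-HMAC-SHA256 hash, a one-way function chosen here in place of reversible encryption, and logins keep working while the batch job is still running. The table layout, field names, accounts and iteration count are assumptions, and the sample rows are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256; tune to your hardware


def make_sample_users():
    """Constructed legacy table: plaintext in 'password', no 'password_hash' yet."""
    return {
        "alice@example.com": {"password": "123456", "password_hash": None},
        "bob@example.com": {"password": "123456", "password_hash": None},
        "carol@example.com": {"password": "iloveyou", "password_hash": None},
    }


def hash_password(password):
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>' with a fresh random salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_hash(attempt, stored):
    """Recompute the digest from the stored salt and cost, then compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = stored.split("$")
    if scheme != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", attempt.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def migrate_row(row):
    """Hash one legacy row in place and erase its plaintext; True if the row changed."""
    if row["password_hash"] or row["password"] is None:
        row["password"] = None      # never leave plaintext next to a hash
        return False
    row["password_hash"] = hash_password(row["password"])
    row["password"] = None
    return True


def migrate_all(users):
    """Batch job; safe to re-run because migrated rows are skipped."""
    return sum(migrate_row(row) for row in users.values())


def login(users, email, attempt):
    """Login that stays correct while some rows are migrated and others are not."""
    row = users.get(email)
    if row is None:
        return False
    if row["password_hash"]:
        return verify_hash(attempt, row["password_hash"])
    if row["password"] is None:
        return False
    ok = hmac.compare_digest(attempt.encode("utf-8"), row["password"].encode("utf-8"))
    if ok:
        migrate_row(row)            # upgrade the row at the first successful login
    return ok


if __name__ == "__main__":
    users = make_sample_users()
    print("alice logs in mid-migration:", login(users, "alice@example.com", "123456"))
    print("rows hashed by batch job:", migrate_all(users))
    print("plaintext left:", [e for e, r in users.items() if r["password"] is not None])
```

Old database backups and logs that still hold the plaintext column are outside what this code touches and have to be purged separately.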

Imagine you run a large technology company not named Apple. Let’s say you’re Steve Ballmer, Michael Dell, Meg Whitman, Larry Page, or Intel’s Paul Otellini. How are you feeling today, a day after Apple CEO Tim Cook unveiled the new iPad? Are you discounting the device as just an incremental improvement, the same shiny tablet with a better screen and faster cellular access? Or is it possible you had trouble sleeping last night? Did you toss and turn, worrying that Apple’s new device represents a potential knockout punch, a move that will cement its place as the undisputed leader of the biggest, most disruptive new tech market since the advent of the Web browser? Maybe your last few hours have been even worse than that. Perhaps you’re now paralyzed with confusion, fearful that you might be completely boxed in by the iPad—that there seems no good way to beat it.

For your sake, my hypothetical CEO friend, I hope you’re frightened.

...

I’ve been sketching out two possible scenarios for the tablet market. First, it could go like the smartphone business—one in which Apple commands a healthy share of sales and an even better share of the profits, but where its fortunes are nevertheless circumscribed by competitive rivals whose products have come to be seen as acceptable alternatives.

...

The other potential scenario, though, is far less optimistic for Apple’s competitors. It’s the iPod model. In this story, Apple begins by releasing a novel, category-defining product. Then, as rivals scramble for some way to respond, Apple relentlessly puts out slightly better versions every year, each time remaining just out of reach of the competition. Meanwhile it lowers its prices and expands its product lineup, making its devices more accessible to a wider audience. Then, to finish the game, it finds a way to boost its position through network effects and customer lock-in. (In the iPod’s case, it accomplished this through the iTunes software and built-in music store.) Put it all together and you have a device that’s unbeatable. In 2011, 10 years after its release, the iPod still represented a whopping 78 percent of the market share in music players.

One overlooked but powerful feature of Apple’s new iBooks 2 and iBooks Author is the interactive JavaScript powered widgets. Through the combination of HTML5, Cascading Style Sheets and JavaScript, interactive widgets are easily embedded in books published for the new iBooks 2 platform. Not only are these widgets capable of programmatic interactivity with local elements, but they can also collect and deliver user feedback to remote internet servers and retrieve updated data from other web services.

Example uses include providing updated stock information in a book on the stock market; updated crime information in books on law enforcement; collecting and displaying feedback through a user survey; company financials in a corporate prospectus; or any time a book would benefit from updated and interactive data. Books with interactive and updating content truly take advantage of the potential of the iPad platform and represent the future of publishing.

inSSIDer, the app we all have loved on Windows is now available on the Mac App Store.

See description below from the Mac App Store for details. The app looks very similar to the Windows version but is currently a v1.0 product and doesn’t have all features of the Windows version. I’m sure future versions will add all the great features available in the Windows version. I have always liked the clean design of MetaGeek apps and it looks like they were able to continue with the same design in the Mac version of inSSIDer.

A big congrats and thanks to the MetaGeek folks for releasing a Mac version of inSSIDer!

Scan the Wi-Fi networks around you and track their signal strength over time. inSSIDer scans all the Wi-Fi networks within the reach of your computer’s wireless card, tracks their signal strength over time, and determines their security settings. Track open or secure wireless networks. Determine the best channel for your own wireless network.

Monday, March 05, 2012

On the heels of iBooks Author's introduction last month, we're starting to see tools emerge that support the creation of specialized embeddable widgets. The video that follows showcases Panotour Pro's virtual 3D tours, which can be exported to widget form and then included into your iBooks project.

Sunday, March 04, 2012

Really innovative tool for performing penetration tests and – on the not so good side – hacking. Really clever design and implementation. Also a great tool for teaching the Certified Ethical Hacker curriculum.

When Jayson E. Street broke into the branch office of a national bank in May of last year, the branch manager could not have been more helpful. Dressed like a technician, Street walked in and said he was there to measure “power fluctuations on the power circuit.” To do this, he’d need to plug a small white device that looked like a power adapter onto the wall.

The power fluctuation story was total bullshit, of course. Street had been hired by the bank to test out security at 10 of its West Coast branch offices. He was conducting what’s called a penetration test. This is where security experts pretend to be bad guys in order to spot problems.

In this test, bank employees were only too willing to help out. They let Street go anywhere he wanted — near the teller windows, in the vault — and plug in his little white device, called a Pwn Plug. Pwn is hacker-speak for “beat” or “take control of.”

“At one branch, the bank manager got out of the way so I could put it behind her desk,” Street says. The bank, which Street isn’t allowed to name, called the test off after he’d broken into the first four branches. “After the fourth one they said, ‘Stop now please. We give up.’”

Built by a startup company called Pwnie Express, the Pwn Plug is pretty much the last thing you ever want to find on your network — unless you’ve hired somebody to put it there. It’s a tiny computer that comes preloaded with an arsenal of hacking tools. It can be quickly plugged into any computer network and then used to access it remotely from afar. And it comes with “stealthy decal stickers” — including a little green flowerbud with the word “fresh” underneath it, that makes the device look like an air freshener — so that people won’t get suspicious.

Metro is a user interface designed for smartphones, which I have praised generously, and which looks good and works well on small devices. It may yet mature into something equally attractive and useful on iPad-like tablets. But welded onto a non-touch laptop or desktop PC, it represents a huge negative for the majority of Windows users.

The problem isn’t so much Metro, which by itself represents some good thinking about touch device design. It’s Microsoft’s insistence on inserting Metro between us and what we want to do – and at times Metro is spectacularly inappropriate.

Creating iOS apps is fun and rewarding, and if you're a new developer you might be wondering where to begin. This road map provides the perfect starting point for iOS app development. On your Mac computer, you can create iOS apps that run on iPad, iPhone, and iPod touch. Follow this road map to learn where to get the tools you need, understand the major concepts and best practices, and see where to find more information.

As you proceed through the road map, you will use Xcode and the iOS SDK, Apple’s tools for app development. You will learn the basics of programming with Objective-C, the language that powers all iOS apps and frameworks, and will explore the Cocoa Touch frameworks. You will create a simple iOS app and learn how to test it on a device. Finally, you will learn how to submit an app to the App Store.

[Broadcom] proclaiming its future WiFi solutions were "beyond the sampling phase" and now in preproduction. Also of note, was the estimate that finished products (read: the ones you can buy) containing this tech would go on sale by mid-2012. With competitor, Qualcomm, also previewing its 802.11ac concoction, could this year possibly shape up to be the golden era of speedy wireless transfers?